all the scripts in it will have nil parents just put the modules somewhere else or embed them or define them before niling the actor
It will not be the same. As I have said in previous replies this will get more and more in-depth as I go. Itâs not gonna be just basic things. Eventually it will get into a full on anti-exploit that anyone can make and understand how it works. Most of the time people just explain basic concepts, versus what I am going to be doing. I will also be turning this guide into a long-form youtube video. Please understand that there are new developers looking for things like this, and most guides are either outdated or donât explain these concepts enough. If this isnât for you, then donât follow it and donât comment on it.
That is why I am doing this. I used to exploit, I know how it works from the inside, that is why I am working on a more in-depth guide and video form of it.
Thank you for somewhat defending this guide, I do appreciate it.
1 Like
Why not handle gui actions totally on Server scripts? Easy to handle in my opinionâŠ
You want to largely avoid doing any form of user input on the server. Less work for the server itself and also if we canât already handle user input on the server why would we be able to handle client-sided UI.
2 Likes
Sure we canât do anything with the UserInputAervice from server. But Iâve had bad experience with plethora of events, conditions, which is why I try putting plausible client inputs in server for concise code.
But you may be right, since my gamesâ guis seem to be visible slower than other gamesđ
Are you sure? I think they may since youâre putting the Actor in ReplicatedFirst in the first place (Actor.Parent ~= nil) and just afterwards youâre setting it to nil⊠so thereâs a window of opportunity.
Ehm⊠Iâm not sure. All instances whose Parent property is set to nil are still stored in memory, and since many exploits directly inject code into the VM they have access to all memory stuff, besides they may check all threads currently running (let their Script instances being parented to nil or not).
Synapse is a script injector⊠yes, uses a DLL injector which âinjectsâ the thread directly into the VM, but just for running scripts, so, yes, I agree with you in this one, thereâs no real practical chance with Synapse.
Now, âunbypassableâ, absolutely not: thereâre exploits that inject the playerâs Client before joining any experience, so, absolutely everything that happens to the client, is registered by this kind of exploits (in other words, theyâre injected into the VM before ReplicatedFirst runs: so they have access to ReplicatedFirst in its initial, uncompiled state, still when the parent of Actor isnât nil).
Take a look at this topic, it has interesting information about it:
The content of your post is good, I like it.
One issue that IMO may be causing many of the negativism is that your title is â[âŠ] Protecting Remotesâ, and youâre only exposing one way to actually protect Remotes, ignoring other methods by doing so. So, I think many users are criticizing this in a non-constructive way because it doesnât cover a more complete spectrum of this complex topic, âminimizing it to a simple, straightforward series of simple stepsâ.
I understand this is a tutorial directed towards a more beginner audience, but I believe, in a constructive way, that you need to convey so more explicitly.
Hope this helps!
1 Like
- no executors currently have auto execute faster than replicatedfirst
- getnilinstances didnt show it (as soon as it was parented it wasnt findable) syn tried to stop people using actors with the actor library but getactors would either crash or not show the actor if nil
- synapse executed before replicatedfirst and roblox stores bytecode on the server + even if you do use auto execute to run before the script a client + client + server handshake will instantly ban them which would take way too long to bypass with getting banned and rejoining every single time
actor method ftw (unbypassable if u dont skid)
Ah, alright, thatâs an interesting perspective. Iâll surely look more into it!
Thanks for the input!
I also try to check the leaderstats on the client and the server, so if the user changes their leaderstats on the client, and if it doesnt correlate on the server, the player gets kicked for hacking.
Scare the script kiddies
What would be the benefit of changing the leaderstats on client? 
If the user doesnât really know stuff (like FE), so I scare them!
FE is default on all games now, and leaderstats donât replicate last I checked.
I know that, itâs just I wanât to scare dumb hackers who donât know about that stuff
I donât know how that would âscareâ them, it just wouldnât do anything?
The hacker would get kicked, and if the hacker isnât knowledge they might think they got banned from the game, just a little troll